Distributed Monitoring and Analytics: Finding the Needle in the Haystack in Real Time
Abstract: Flow-based network telemetry and Deep Packet Inspection can produce huge amounts of data, and Big Data approaches to the analysis of this data can identify malicious activity. In practice, attacks are often found retrospectively, and with the help of human experts. Can automation and improved analytics techniques enable us to find attacks as they happen? Will it be necessary to centralize the analysis, or will distributed approaches be more scalable? Can the privacy of personally identifiable information be preserved without diminishing the efficacy of data analytics?
Time: Tuesday, Nov 5th, 2013, 17:30 – 18:30 in Room C01
Panel Moderator: David McGrew (Cisco)
Panelists: Johannes Buchmann (CASED/TU Darmstadt), Anja Feldmann (Deutsche Telekom Laboratories/TU Berlin), Vern Paxson (UC Berkeley), Martin Rehak (Cisco), Ahmad-Reza Sadeghi (CASED/TU Darmstadt)
Bio of Panel Moderator David McGrew
David McGrew, Ph.D. David works in the Office of the Security CTO, where he develops security architectures and systems, and work to improve security through applied research, standards, and product engineering. David was instrumental in the development of several industry standard cryptographic algorithms and protocols. Previously, David formed and managed Cisco’s Advanced Cryptography Development Group, which developed the technologies used in the DMVPN and GETVPN products. He was a Cryptographic Scientist at Trusted Information Systems before joining Cisco in 1998. David holds a Ph.D. in Physics and lives in the Washington, D.C. area.
Bio of Panelist Johannes Buchmann
Johannes Buchmann received his PhD from the Universität zu Köln, Germany in 1982. 1985 and 1986 he was a PostDoc at the Ohio State University on a Fellowship of the Alexander von Humboldt Foundation. From 1988 to 1996 he was a professor of Computer Sience at the Universität des Saarlandes in Saarbrücken. Since 1996 he is a professor of Computer Science and Mathematics at Technische Universität Darmstadt. From 2001 to 2007 he was Vice President Research of TU Darmstadt. In 1993 he received the Leibniz-Prize of the German Science Foundation and in 2012 the Tsugming Tu Award of Taiwan. He is a member of the German Academy of Science and Engineering acatech and of the German Academy of Science Leopoldina. Johannes Buchmann initiated and coordinated the project “Internet Privacy” of the German National Academy of Science and Engineering acatech that brought together scientists from ethics, sociology, law, economy and informatics with industry representatives from Google, Nokia, IBM and Deutsche Post. The project resulted in three book publications that can be downloaded from here.
Bio of Panelist Anja Feldmann
Since 2006 Anja Feldmann, Ph.D. is a full professor at TU Berlin, Germany and was Dean of the EECS department from 2009 to 2013. Before this she headed the network architectures group first at Saarland University and then at TU Munich. From 1995 to 1999 she was at AT&T Labs – Research in Florham Park. Her current research interests include network architecture, and network performance debugging. She has published more than 60 papers and has served on more than 50 program committees, including as Co-Chair of ACM SIGCOMM 2003 and ACM IMC 2011 and as Co-PC-Chair of ACM SIGCOMM 2007 and ACM IMC 2009.
She is a recipient of the Gottfried Wilhelm Leibniz Preis 2011, the highest honor awarded in German research, and the Berliner Wissenschaftspreis 2011. She is a member of the German Academy of Sciences Leopoldina and the supervisory board of SAP AG. She received a M.S. from the University of Paderborn and a Ph.D. from Carnegie Mellon University.
Bio of Panelist Vern Paxon
Vern Paxson is a professor of Electrical Engineering and Computer Sciences at UC Berkeley and leader of the Networking and Security group at the International Computer Science Institute in Berkeley. His research focuses heavily on measurement-based analysis of network activity and Internet attacks. He has worked extensively on high performance network monitoring and on cybercrime, and co-directs the Center for Evidence-based Security Research.
Bio of Panelist Martin Rehak
Martin Rehak is a Principal Engineer at Cisco Systems, where he researches distributed intelligent and decision-making systems, and focuses on focusing on security-related issues. He was formerly CEO, Co-Founder & CTO of Cognitive Security. He specializes in distributed computing, security, artificial intelligence, and embedded and ubiquitous computing.
Martin holds a Ph.D. in Artificial Intelligence from Czech Technical University in Prague, and a Diplome Grande Ecole, Engineering, IT and Telecommunications from Ecole centrale de Paris.
Bio of Panelist Ahmad-Reza Sadeghi
Ahmad-Reza Sadeghi is a full professor of Computer Science at Technische Universität Darmstadt, Germany. He is the head of the System Security Lab at the Center for Advanced Security Research Darmstadt (CASED) and Scientific Director of Fraunhofer Institute for Secure Information Technology (SIT). Since January 2012 he is also the Director of the Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU-Darmstadt. He holds a Ph.D. in Computer Science from the University of Saarland in Saarbrücken, Germany. Prior to academia, he worked in Research and Development of Telecommunications enterprises, amongst others Ericsson Telecommunications. He has been continuously contributing to the research community in the field of information and communications security and privacy, and serving as general or program chair, or program committee member of many scientific and industrial conferences. He is on the Editorial Board of the ACM Transactions on Information and System Security.
Prof. Sadeghi has been awarded with the renowned German prize “Karl Heinz Beckurts” for his research on Trusted and Trustworthy Computing technology and its transfer to industrial practice. The award honors excellent scientific achievements with high impact on industrial innovations in Germany. Further, his group received the second prize of the German IT Security Competition Award 2010.